17a32e77d51e59c86ebb47dc2e98eb2e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17a32e77d51e59c86ebb47dc2e98eb2e.bin
Size

76KB
MD5

17a32e77d51e59c86ebb47dc2e98eb2e
SHA1

e31345393b460ff84b72f7d18b8c083c90bc0b5e
SHA256

2b015a82610ff33e315506a837744e9099592c76bc8c908d07fbf02506245eab
SHA512

796c7b66b6931cea815d7a02612cd236093a946b020f648d85a10abcd97307cce6cd28cf280b95083cd06ef28c80961580d0414ec1b79ae969fcf1fcf7339481
SSDEEP

1536:GJEDNlzwkEhXPxXEi6CHpGNnyrnA7JTKgC0mOd9pjVrs2ryrd1vUQuq6:GJEDNlzCNEinHpG0rmRfnLd9Hs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a32e77d51e59c86ebb47dc2e98eb2e.bin

Files

17a32e77d51e59c86ebb47dc2e98eb2e.bin
.exe windows:4 windows x86 arch:x86

0e0bd1dfb6b466b079ebb9d94f2ec9f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameA
GetVolumePathNameW
GetCurrentThread
SetComputerNameW
RegisterConsoleOS2
GetTapePosition
BaseCheckAppcompatCache
GetVolumeNameForVolumeMountPointA
FoldStringW
SetLastConsoleEventActive

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE